CVE-2016-7969

The wraplinessmart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization."

References

Affected packages

Git / github.com/libass/libass

Affected ranges

Type: GIT
Repo: https://github.com/libass/libass
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

8551555c86f50f978f9ddd55a8d20bceb80d92fc

Fixed

f4f48950788b91c6a30029cc28a240b834713ea7

Affected versions

0.*

0.10.0

0.10.1

0.10.2

0.11.0

0.11.1

0.11.2

0.12.0

0.12.1

0.12.2

0.12.3

0.13.0

0.13.1

0.13.2

0.13.3

0.9.10

0.9.11

0.9.12

0.9.7

0.9.8

0.9.9

Database specific

vanir_signatures

[
    {
        "digest": {
            "function_hash": "51762142420342031960033178136166488581",
            "length": 3562.0
        },
        "id": "CVE-2016-7969-4e1985b9",
        "signature_version": "v1",
        "target": {
            "file": "libass/ass_render.c",
            "function": "wrap_lines_smart"
        },
        "source": "https://github.com/libass/libass/commit/f4f48950788b91c6a30029cc28a240b834713ea7",
        "deprecated": false,
        "signature_type": "Function"
    },
    {
        "digest": {
            "line_hashes": [
                "71668818312444884182579424001384264623",
                "153709568892301489054239187538722912346",
                "249660998431858653011787501624001113437",
                "267991441071277646004286811666452386671"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2016-7969-6cbe8aa7",
        "signature_version": "v1",
        "target": {
            "file": "libass/ass_render.c"
        },
        "source": "https://github.com/libass/libass/commit/f4f48950788b91c6a30029cc28a240b834713ea7",
        "deprecated": false,
        "signature_type": "Line"
    }
]

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-7969.json"